“Particularly concerning was the discovery of exposed biometric templates and facial recognition data in several modern access control systems, which could pose serious privacy risks if accessed by malicious actors,” the report pointed out. “The scope and depth of exposed information varied by organisation but consistently included enough personal data to create significant privacy and security risks for the affected organisations and their employers.”
Regional and industry-wide exposure
The investigation found a disproportionate concentration of exposed AMS in Europe, with Italy emerging as a key hotspot, reporting 16,678 exposed systems. Mexico and Vietnam followed, with 5,940 and 5,035 systems exposed, respectively.
The US recorded 1,966 vulnerable systems, while other technologically advanced nations such as Canada and Japan showed comparatively lower exposure levels. Despite strong data protection regulations, European nations collectively accounted for a significant portion of the reported vulnerabilities, the report added.
